freebsd
GitHub Repository: freebsd/freebsd-src
Path: blob/main/crypto/heimdal/lib/gssapi/ntlm/creds.c
/*
2
* Copyright (c) 2006 Kungliga Tekniska Högskolan
3
* (Royal Institute of Technology, Stockholm, Sweden).
4
* All rights reserved.
5
*
6
* Portions Copyright (c) 2009 Apple Inc. All rights reserved.
7
*
8
* Redistribution and use in source and binary forms, with or without
9
* modification, are permitted provided that the following conditions
10
* are met:
11
*
12
* 1. Redistributions of source code must retain the above copyright
13
* notice, this list of conditions and the following disclaimer.
14
*
15
* 2. Redistributions in binary form must reproduce the above copyright
16
* notice, this list of conditions and the following disclaimer in the
17
* documentation and/or other materials provided with the distribution.
18
*
19
* 3. Neither the name of the Institute nor the names of its contributors
20
* may be used to endorse or promote products derived from this software
21
* without specific prior written permission.
22
*
23
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33
* SUCH DAMAGE.
34
*/
#include "ntlm.h"
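/*
 * Report the properties of an NTLM credential.
 *
 * Every output pointer is optional; only the non-NULL ones are written:
 *   name       - newly allocated ntlm_name holding copies of the credential's
 *                username and domain strings; this function keeps no
 *                reference to it once it has been handed out
 *   lifetime   - always GSS_C_INDEFINITE
 *   cred_usage - always 0
 *   mechanisms - newly created OID set containing GSS_NTLM_MECHANISM
 *
 * Returns GSS_S_NO_CRED when no credential is supplied, GSS_S_FAILURE with
 * *minor_status set to ENOMEM when the name copy cannot be allocated, the
 * major status of the OID-set call that failed, or GSS_S_COMPLETE.
 *
 * On every failure return, *name (when requested) is GSS_C_NO_NAME and
 * nothing allocated here is left behind, so a caller that only cleans up
 * after success does not leak the copied identity strings.
 */
OM_uint32 GSSAPI_CALLCONV
_gss_ntlm_inquire_cred
           (OM_uint32 * minor_status,
            const gss_cred_id_t cred_handle,
            gss_name_t * name,
            OM_uint32 * lifetime,
            gss_cred_usage_t * cred_usage,
            gss_OID_set * mechanisms
           )
{
    OM_uint32 ret, junk;
    ntlm_name n = NULL;

    *minor_status = 0;

    /*
     * Reject a missing credential before anything dereferences it.  The
     * original repeated the GSS_C_NO_CREDENTIAL test after the name copy,
     * where it could no longer protect the dereference below.
     */
    if (cred_handle == NULL || cred_handle == GSS_C_NO_CREDENTIAL)
        return GSS_S_NO_CRED;

    if (name) {
        ntlm_cred c = (ntlm_cred)cred_handle;

        /* Give the caller a defined value even if we fail below. */
        *name = GSS_C_NO_NAME;

        n = calloc(1, sizeof(*n));
        if (n) {
            /* NOTE(review): assumes username and domain are non-NULL — confirm */
            n->user = strdup(c->username);
            n->domain = strdup(c->domain);
        }
        if (n == NULL || n->user == NULL || n->domain == NULL) {
            if (n) {
                /* Either strdup may have succeeded; release both and the
                 * container (the original freed only n->user). */
                free(n->user);
                free(n->domain);
                free(n);
            }
            *minor_status = ENOMEM;
            return GSS_S_FAILURE;
        }
        *name = (gss_name_t)n;
    }
    if (lifetime)
        *lifetime = GSS_C_INDEFINITE;
    if (cred_usage)
        *cred_usage = 0;
    if (mechanisms)
        *mechanisms = GSS_C_NO_OID_SET;

    if (mechanisms) {
        ret = gss_create_empty_oid_set(minor_status, mechanisms);
        if (ret)
            goto out;
        ret = gss_add_oid_set_member(minor_status,
                                     GSS_NTLM_MECHANISM,
                                     mechanisms);
        if (ret)
            goto out;
    }

    return GSS_S_COMPLETE;

out:
    /* Only reachable with mechanisms != NULL; minor_status keeps the value
     * set by the call that failed. */
    gss_release_oid_set(&junk, mechanisms);
    if (n) {
        /* The name was already handed out above; take it back so a failed
         * call returns no allocation the caller has to know about. */
        free(n->user);
        free(n->domain);
        free(n);
        *name = GSS_C_NO_NAME;
    }
    return ret;
}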
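#ifdef HAVE_KCM
/*
 * Send a KCM_OP_DEL_NTLM_CRED request, carrying the username and domain of
 * the credential in *cred_handle, through krb5_kcm_call().
 *
 * A private krb5 context is created for the duration of the call and freed
 * before returning.  The credential itself is not modified or released here.
 *
 * Returns 0 on success, otherwise the krb5_error_code of the step that
 * failed (converted to the OM_uint32 return type).
 */
static OM_uint32
_gss_ntlm_destroy_kcm_cred(gss_cred_id_t *cred_handle)
{
    krb5_storage *request = NULL, *response;
    krb5_data response_data;
    krb5_context context;
    krb5_error_code ret;
    ntlm_cred cred;

    cred = (ntlm_cred)*cred_handle;

    ret = krb5_init_context(&context);
    if (ret)
        return ret;

    ret = krb5_kcm_storage_request(context, KCM_OP_DEL_NTLM_CRED, &request);
    if (ret)
        goto out;

    ret = krb5_store_stringz(request, cred->username);
    if (ret)
        goto out;

    ret = krb5_store_stringz(request, cred->domain);
    if (ret)
        goto out;

    ret = krb5_kcm_call(context, request, &response, &response_data);
    if (ret)
        goto out;

    /* The reply is only used as a success indication; its content is
     * discarded unread. */
    krb5_storage_free(response);
    krb5_data_free(&response_data);

out:
    /*
     * Free the request on every path.  The original freed it only after a
     * successful krb5_kcm_call(), leaking it whenever storing a string or
     * the call itself failed.
     * NOTE(review): assumes krb5_kcm_storage_request() leaves *request
     * untouched or NULL on failure — confirm.
     */
    if (request != NULL)
        krb5_storage_free(request);
    krb5_free_context(context);

    return ret;
}
#endif /* HAVE_KCM */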
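/*
 * Destroy an NTLM credential.
 *
 * With HAVE_KCM defined, _gss_ntlm_destroy_kcm_cred() is called first; the
 * handle is then passed to _gss_ntlm_release_cred(), whose status is
 * returned.
 *
 * A NULL handle pointer or an empty handle is treated as already destroyed:
 * GSS_S_COMPLETE is returned and *minor_status is cleared.
 *
 * Security note: if the KCM step fails, the function returns GSS_S_FAILURE
 * (minor status = the krb5 error) WITHOUT calling _gss_ntlm_release_cred(),
 * so *cred_handle is still set and the in-process credential has not been
 * released.  Callers that need the credential gone must check the status
 * and release the handle themselves.
 */
OM_uint32 GSSAPI_CALLCONV
_gss_ntlm_destroy_cred(OM_uint32 *minor_status,
                       gss_cred_id_t *cred_handle)
{
#ifdef HAVE_KCM
    krb5_error_code ret;
#endif

    if (cred_handle == NULL || *cred_handle == GSS_C_NO_CREDENTIAL) {
        /* The original left *minor_status unset on this path; give the
         * caller a defined value without newly requiring a non-NULL
         * pointer here. */
        if (minor_status != NULL)
            *minor_status = 0;
        return GSS_S_COMPLETE;
    }

#ifdef HAVE_KCM
    ret = _gss_ntlm_destroy_kcm_cred(cred_handle);
    if (ret) {
        *minor_status = ret;
        return GSS_S_FAILURE;
    }
#endif

    return _gss_ntlm_release_cred(minor_status, cred_handle);
}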